Payment Card Industry (pci) pin transaction Security (pts) Hardware Security Module (hsm) Modular Evaluation Vendor Questionnaire

F – Devices with Message Authentication Functionality

Download 0.91 Mb. Page 15/19 Date 28.01.2017 Size 0.91 Mb. #9274

Navigate this page:

• Section F2
• Section F3
• Section F4
• G – Devices with Key-Generation Functionality
• Section G2
• Section G3

F – Devices with Message Authentication Functionality Section F1 # If the answer to F1 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 How the message authentication device is manually activated.       2 How the identity of the key used is displayed on the device.       3 How the device only outputs a confirmation or denial of a MAC provided for verification, and never the plaintext-computed MAC.       Comments:       Section F2 # If the answer to F2 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 The length of the MAC being generated or verified.       2 How the MAC being generated or verified is in accordance with ISO 16609.       Comments:       Section F3 # If the answer to F3 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 The MAC generation and verification techniques.       2 How the techniques are in accordance with ISO 16609.       Comments:       Section F4 # If the answer to F4 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 The message authentication device use of unidirectional MAC keys.       2 Each MAC function for each MAC key       Comments:       G – Devices with Key-Generation Functionality Section G1 # If the answer to G1 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 How the device is protected from unauthorized removal from its operational location. List all deterrents available to the device.       Comments:       Section G2 # If the answer to G2 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 The means provided by the device to output any plaintext key.       2 How the device enforces the use of dual control for plaintext key outputting.       Comments:       Section G3 # If the answer to G3 in the PCI HSM Modular Security Requirements was “YES,” describe: 1 The functions that require the use of “special sensitive states.”       2 How the special “sensitive” state is entered.       Comments:       Directory: documents documents -> Concept stage documents -> Concept stage documents -> The great global switch-off documents -> Nonprofit grant application documents -> The Truth about the Rwandan Genocide documents -> Annual InStructional unit plan documents -> Chaos equipment included Download 0.91 Mb. Share with your friends: